. A zero knowledge identification scheme based on the q-ary SD problem. Selected Areas in Cryptography, Aug 2010, Waterloo, Canada. pp.171-186, 10.1007 A Zero-Knowledge Identification Scheme Based on the q-ary Syndrome Decoding Problem Abstract. At CRYPTO'93, Stern proposed a 3-pass code-based identification scheme with a cheating probability of 2/3. In this paper, we propose a 5-pass code-based protocol with a lower communication complexity, allowing an impersonator to succeed with only a probability of 1/2. Furthermore, we propose to use double-circulant construction in order to dramatically reduce the size of the public key. The proposed scheme is zero-knowledge and relies on an NP-complete coding theory problem (namely the q-ary Syndrome Decoding problem). The parameters we suggest for the instantiation of this scheme take into account a recent study of (a generalization of) Stern's information set decoding algorithm, applicable to linear codes over arbitrary fields Fq; the public data of our construction is then 4 Kbytes, whereas that of Stern's scheme is 15 Kbytes for the same level of security. This provides a very practical identification scheme which is especially attractive for light-weight cryptography.
International audienceIt is known how to transform certain canonical three-pass identification schemes into signature schemes via the Fiat–Shamir transform. Pointcheval and Stern showed that those schemes are existentially unforgeable in the random-oracle model leveraging the, at that time, novel forking lemma. Recently, a number of 5-pass identification protocols have been proposed. Extending the above technique to capture 5-pass identification schemes would allow to obtain novel unforgeable signature schemes. In this paper, we provide an extension of the forking lemma (and the Fiat–Shamir transform) in order to assess the security of what we call n -generic signature schemes. These include signature schemes that are derived from certain (2n+1) -pass identification schemes. In doing so, we put forward a generic methodology for proving the security of a number of signature schemes derived from (2n+1) -pass identification schemes for n≥2 . As an application of this methodology, we obtain two new code-based existentially-unforgeable signature schemes, along with a security reduction. In particular, we solve an open problem in multivariate cryptography posed by Sakumoto, Shirai and Hiwatari at CRYPTO 2011
Abstract. The well-known forking lemma by Pointcheval and Stern has been used to prove the security of the so-called generic signature schemes. These signature schemes are obtained via the Fiat-Shamir transform from three-pass identification schemes. A number of five-pass identification protocols have been proposed in the last few years. Extending the forking lemma and the Fiat-Shamir transform would allow to obtain new signature schemes since, unfortunately, these newly proposed schemes fall outside the original framework. In this paper, we provide an extension of the forking lemma in order to assess the security of what we call n-generic signature schemes. These include signature schemes that are derived from certain (2n + 1)-pass identification schemes. We thus obtain a generic methodology for proving the security of a number of signature schemes derived from recently published five-pass identification protocols, and potentially for (2n + 1)-pass identification schemes to come.
Abstract. The concept of threshold ring signature in code-based cryptography was introduced by Aguilar et al. in [1]. Their proposal uses Stern's identification scheme as basis. In this paper we construct a novel threshold ring signature scheme built on the q-SD identification scheme recently proposed by Cayrel et al. in [14]. Our proposed scheme benefits of a performance gain as a result of the reduction in the soundness error from 2/3 for Stern's scheme to 1/2 per round for the q-SD scheme. Our threshold ring signature scheme uses random linear codes over the field Fq, secure in the random oracle model and its security relies on the hardness of an error-correcting codes problem (namely the q-ary syndrome decoding problem). In this paper we also provide implementation results of the Aguilar et al. scheme and our proposal, this is the first efficient implementation of this type of code-based schemes.
Abstract. In this article, we present a new code-based stream cipher called 2SC, based on the sponge construction. The security of the keystream generation of 2SC is reducible to the conjectured intractability of the Syndrome Decoding (SD) problem, which is believed to be hard in the average case. Our stream cipher compares favorably with other provably secure stream ciphers such as QUAD and SYND in terms of efficiency and storage. In particular, 2SC is much faster than both these stream ciphers, requiring shorter keys and initial vectors (IVs) in order to attain comparable security levels (the runtime in terms of clock cycles is actually halved compared to SYND for around 170 bits of security, whereas the key size is about 50 bits smaller).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.